Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asustor vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2018-11341
Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to navigate the file system via the filename parameter.
Asustor As6202t Firmware
356
VMScore
CVE-2018-11342
A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter.
Asustor As6202t Firmware
356
VMScore
CVE-2018-11344
A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows malicious users to arbitrarily specify a file on the system to download via the file1 parameter.
Asustor As6202t Firmware
356
VMScore
CVE-2018-11346
An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter.
Asustor As6202t Firmware
510
VMScore
CVE-2018-11510
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
Asustor Adm
2 EDB exploits
1 Github repository
534
VMScore
CVE-2018-15694
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the "Web Server" feature is enabled.
Asustor Data Master
356
VMScore
CVE-2018-15696
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to enumerate all user accounts via user.cgi.
Asustor Data Master
605
VMScore
CVE-2018-15698
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi.
Asustor Data Master
NA
CVE-2023-4475
An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an malicious user to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61...
Asustor Data Master
445
VMScore
CVE-2018-12306
Directory Traversal in File Explorer in ASUSTOR ADM version 3.1.1 allows malicious users to view arbitrary files by modifying the "file1" URL parameter, a similar issue to CVE-2018-11344.
Asustor Data Master 3.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »